Researchers Warn 3 Apps Have Been Stealing Crypto Undetected For A Year
Three crypto-based apps have concealed a nasty surprise for those who have downloaded them.
Cyber security researchers have discovered a year-long malware operation that has targeted cryptocurrency users with the creation of a number of fake apps.
Security firm Intezer Labs warned that ever-increasing crypto prices have created heightened activity among hackers and malicious actors seeking financial gains. The malware has been disseminated over the past year, but was only discovered in December 2020.
The new remote access trojan (RAT), dubbed ElectroRAT, has been used to empty the cryptocurrency wallets of thousands of Windows, macOS, and Linux users, the report added.
Three cryptocurrency-related apps deployed in the attack — Jamm, eTrade/Kintum, and DaoPoker — were all hosted on their own websites. The first two are bogus crypto trading apps, while the third is gambling-based.
The ElectroRAT malware hidden inside these apps is extremely intrusive, according to the researchers:
“It has various capabilities such as keylogging, taking screenshots, uploading files from disk, downloading files, and executing commands on the victim’s console.”
After being launched on a victim’s computer, the apps show a foreground user interface designed to divert attention from the malicious background processes. The apps were promoted using social media platforms Twitter and Telegram in addition to cryptocurrency-based forums such as Bitcointalk.
Intezer Labs estimated that the campaign has already infected “thousands of victims” who have had their crypto wallets emptied. It added that there was evidence that some victims who were compromised by the apps were using popular crypto wallets such as MetaMask.
The malware is written in Golang, a multi-platform programming language, which makes it harder to detect. The security firm stated that it was uncommon to see a RAT designed to steal personal information from cryptocurrency users that was written from scratch, adding:
“It is even rarer to see such a wide-ranging and targeted campaign that includes various components such as fake apps and websites, and marketing/promotional efforts via relevant forums and social media.”
There have been a number of cases in 2020 where fake versions of legitimate apps and browser extensions such as MetaMask or Ledger have made their way onto victims’ computers. This may be related to Ledger’s massive data breach in mid-December.
In September 2020, Coinbase users were among the victims of new Android-based malware disseminated through Google Play Store.
Crypto Holders Sue Apple Over ‘Fake’ Wallet App Scam
The lawsuit alleges that a fake wallet app was used to cheat customers out of more than $5 million in crypto holdings.
Apple is being sued yet again for damages resulting from an allegedly fake scam app available in its App Store, this time involving cryptocurrency.
In a class-action complaint filed on Thursday, the named plaintiff – Maryland resident Hadona Diep, described as a “full-time cyber-security IT professional” – accused Apple of knowingly “authorizing a malicious application” in its App Store that caused Diep to lose 474 XRP tokens, worth about $507 at the time of publication.
According to the complaint, the fraudulent app, a spoof of the legitimate Toast Wallet called Toast Plus, was used to steal Diep’s seed phrase and all of the tokens in the fake wallet. The complaint alleges that “hundreds or thousands” of users were victims of the Toast Plus scam app and that over $5 million in cryptocurrency was stolen.
The class-action lawsuit against Apple is the latest in a series of suits targeting Apple’s $64 billion App Store. Apple has defended its “walled-garden” approach by saying that it keeps users safe by preventing scams and viruses from being unknowingly downloaded – something that has been called into question by Diep’s lawsuit and others, including the developer of the FlickType app.
Critics of the App Store have also accused it of being an unfair monopoly, the debate at the center of the Apple vs. Epic Games lawsuit. Diep’s lawsuit also calls out Apple’s “near-monopolistic application market,” claiming that Apple must “take reasonable precautions to ensure that the goods it provides are reasonably safe and secure.”
Apple did not respond to CoinDesk’s request for comment on the lawsuit.
Scam Apps Are Rampant
Scam apps have long been a problem on both the Apple App Store and the Google Play Store. Apple has been criticized for unknowingly promoting fake apps, and according to a report from the Washington Post, around 2% of the App Store’s top-grossing apps are scams.
Apple has seemingly struggled to keep the quickly proliferating scam apps out of its App Store, causing damage to both businesses and consumers.
Julie Conroy, head of risk insights and advisory at research and advisory firm Aite-Novarica Group, told CoinDesk that the battle against fake apps is nothing new.
“Attackers have been using very sophisticated tactics for years to dupe unwitting consumers into downloading fake apps from the app stores in order to deploy malware and compromise credentials,” Conroy wrote in an email to CoinDesk.
“While the app stores do have review processes in place to try to detect these, fraudsters have developed some ingenious ways to avoid detection,” Conroy added.
Conroy also wrote that consumer education has been a key component of the defensive strategy taken by financial institutions to protect consumers, but that can be challenging to deploy and measure because consumers are inundated with messages from various sources about cybersecurity.